A Mis-configured Database that Stored more than 198 million American Voters personal information has been leaked which is consider as Majority of peoples personal information among the all US Citizens.
All the data that contains voter personal information leaked in the Internet and Republican National Committee (RNC) firm which is responsible for this data breach.
Stored Data server owned by Republic firm Deep Root Analytics where all the Voters data stored in publicly accessible cloud server included 1.1 terabytes of entirely unsecured personal information.
Leaked data belongs to Various Voters who is from all the political parties in America and Leaked voters approximately 61 percent of the US population.
Exposed data contains home addresses, birth dates, and phone numbers, the records include advanced sentiment analyses used by political groups, gun ownership, stem cell research, and the right to abortion, as well as suspected religious affiliation and ethnicity.
“According to UpGaurd ,The RNC data repository would ultimately acquire roughly 9.5 billion data points regarding three out of every five Americans, scoring 198 million potential US voters on their likely political preferences using advanced algorithmic modeling across forty-eight different categories.”
This open access leads to anyone with an internet connection could have accessed the Republican data operation used to power Donald Trump’s presidential victory, simply by navigating to a six-character Amazon subdomain: “dra-dw” Upgaurd said.
Deep Root Analytics Data Warehouse stored almost 500 hours of video among 1.1 terabytes that contains political importance which indicate clearly.
UpGaurd found a Folder called “data_trust” in dra-dw Directory stored two massive stores of personal information collectively representing up to 198 million potential voters.
A spreadsheet forecasting specific voters 0-1 Scale -UpGaurd
According to UpGaurd “The spreadsheet is an impressive deployment of analytical might. However, while each potential voter is signified by their 32-character RNC internal ID, it is a one-step process to determine the real name associated with the modeled policy preferences, as the aforementioned “Contact File” also exposed in the database links the RNC ID to the potential voter’s actual identity.“
Previous Electoral Data breach was in Mexico where almost 100 Million Voters data were Revealed in Public.
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
Google is rolling out a new privacy-focused feature called Shielded Email, designed to prevent apps...
Supply Chain Attack Prevention
Free Webinar - Supply Chain Attack Prevention
Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.
Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.
Discussion points
Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.
